After Obama’s website, black hats have now managed to sow the seeds of deceit in Google video search results. Security firm Trend Micro has discovered that that about 400,000 queries trigger Google Video search results that “have a single redirection point, and one that eventually leads to malware download and execution.” The black hats have been able to manipulate search results to their advantage using simple SEO techniques. For this purpose, they have reserved several domains and populated them with keywords.

According to Trend Micro, the malware executable, dubbed WORM_AQPLAY.A, proliferates using removable and network drives. The malware executable is disguised as an Adobe Flash installer. The malware only prompts the user to download the malicious Flash installer when he reaches one of the malefic video websites being run by the black hats.

According to a recent security study, low assurance digital certificates have become a new gateway for hackers to get to your personal data, by means of a man-in-the-middle (MITM) attack.

The MITM attack consists of a hacker putting themselves between two parties in a dialogue, such as a person and their bank. Once in place they effectively control the conversation to get login credentials or other, far more valuable information.

Generally, untrustworthy certificates will be halted by error messages or warnings that throw up red flags for potential problems, at least to the more internet-savvy. However, more crafty hackers will often add a legitimately issued certificate to the mix, making even the most secure browsers continue on their merry way, as if nothing has happened.

So how can you keep yourself safe online? Well, at time of press there isn’t any kind of listed fix, but just watch yourself and your information. Acting supremely paranoid can’t hurt, can it?

After a few eyebrows were raised over Chrome’s highly libertarian end-user license agreement (EULA) – almost a proclamation of a man’s fundamental right to piracy, an amendment or an explanation was inevitable. Chrome’s EULA stated that users were at liberty to use anything posted online through the browser. But Google has amended the EULA. The web juggernaut also downplayed the entire episode as a mistake. Setting the EULA aside, a few chinks in Chrome’s armor have already been sighted. Avi Raff, a researcher, has discovered that Chrome is vulnerable to carpet-bombing a la Safari.

Two researchers, Alex Pilosov and Anton Kapela, have concocted a technique to exploit the Border Gateway Protocol (BGP) – internet’s core routing protocol. They demonstrated their technique at the DefCon hacker conference in Las Vegas. The threat emanates from the innate credulity of the routing protocol: the BGP apparently is designed to trust all nodes and can be exploited to redirect insane volumes of internet traffic to malevolent networks.

It can be used for spying at a truly unprecedented scale. No, we are not talking about stalking someone on Facebook but nation-state espionage. Millions of users can be exposed within moments of such an attack. A few solutions have already been propounded, but ISPs seem to be watching quietly from the sidelines.

You wouldn't take a knife to a gun fight, and nor should you do battle with internet baddies using an unsecured browser. Yet despite what should seem obvious, a group of researchers found that surfers are doing just that, and hackers could be happier about it. During the study, the authors discovered a whopping 45 percent of users (roughly 637 million surfers) hopping online not using the most secure web browser version available, making them "an easy target for drive-by download attacks as they are potentially vulnerable to known exploits." And that data doesn't even include potentially vulnerable plug-ins.

But are users the ones to blame for putting themselves at risk? Ultimately yes, however the researchers made comparisons to the food industry arguing that browsers should display an expiration date, such as "145 days expired, 3 updates missed." Nom nom nom.